The use of private email servers and communications devices by government officials was a major issue in the 2016 election, from the investigation of Hillary Clinton’s email practices to the hacking of a private email account Mike Pence used for official Indiana state business. The California Supreme Court has recently entered the fray, holding that government officials must search their private email accounts in connection with public records act requests.

The California Supreme Court held in City of San Jose v. Superior Court (Smith) that public employees’ personal accounts may be subject to disclosure under the California Public Records Act (“CPRA”). In San Jose, petitioner Ted Smith requested the disclosure of records related to redevelopment efforts in downtown San Jose, including communications “sent or received on private electronic devices used by” City employees. The City refused to disclose communications made on employees’ personal accounts, arguing that the personal accounts were not within the City’s custody or control. Smith sued for declaratory relief, and the case made its way to the California Supreme Court.

The Court recognized that the CPRA was originally designed to cover paper documents, not the constantly-evolving means of electronic communication available to today’s workers. The Court looked to the statutory intent of the CPRA, beginning with the definition of “public record,” – “(1) a writing, (2) with content relating to the conduct of the public’s business, which is (3) prepared by or (4) owned, used or retained by any state or local agency.” “Writing” is defined in the CPRA as “any form of communication or representation… regardless of the manner in which the record has been stored.” The Court noted that “writing” used to mean a typed or handwritten document, made in some tangible medium, while today “writing” could encompass a wide variety of communications. “[T]he ease and immediacy of electronic communication has encouraged a commonplace tendency to share fleeting thoughts and random bits of information, with varying degrees of import, often to broad audiences. As a result, the line between an official communication and an electronic aside is now sometimes blurred.”

Thus, the issue becomes whether the record is a private communication, or whether it “relate[s] to the conduct of the public’s business.”

By way of example, the Court stated that an email to a spouse complaining “my coworker is an idiot” would not be a public record. In comparison, an email to a superior reporting said coworker’s mismanagement of an agency project would be a public record.

This public versus private analysis is not always clear. The Court noted that, without the records at issue before it, it could not make a determination as to whether the records “related to the conduct of the public’s business. The analysis includes an examination of the context of the communication, the audience, and whether it was prepared by an employee acting within the scope of his employment. While this standard is broad, “it is not so elastic as to include every piece of information the public may find interesting. Communications that are primarily personal, containing no more than incidental mentions of agency business, generally will not constitute public records.”

Lastly, the record must be “prepared, owned, used, or retained” by the government agency. The City argued that “public records” included only those records in the agency’s possession or directly accessible by the agency, and that an employee’s personal account is therefore outside the definition of “public record.” Under the City’s rule, only those communications physically located in City offices or on City-owned servers would qualify.

The Court rejected this argument, holding that records which would otherwise meet the definition of “public record” “do not lose this status because they are located in an employee’s personal account.” The Court referred to the distinction between City offices or servers and an employee’s personal account as “arbitrary,” noting that such a rule would allow public employees to shield information from public disclosure simply by using a personal email account. The Court further pointed out that there is no rule requiring public employees to communicate only through public accounts, and that permitting private accounts to be immune from the CPRA would lead to government officials “hid[ing] their most sensitive, and potentially damning, discussions in such accounts.”

In order to facilitate future search efforts, the Court gave some guidance on the method of searching private email accounts. The Court cited with approval case law under the federal Freedom of Information Act which permitted individuals to search their own records, so long as they have been trained how to do so and provide an affidavit on the method of their search. The Court also suggested that public agencies institute policies prohibiting the use of private accounts for public business.

Both public agencies and litigants seeking the records of public agencies should take note – a CPRA Request now triggers a search of not only the physical files and servers maintained by the public agency, but also the private accounts of its employees. This could include a spectrum of communications, from private email accounts (services like Gmail, Yahoo, and AOL), to private chat programs (like Facebook Messenger or WhatsApp). This gives the public (and litigants) access to real time communications by government employees regarding their public duties, as they are happening.